James Brokenshire has signed the UK up to the EC cyber-crime directive despite major grey areas

A new European Commision directive on cyber-security is to be adopted by the British government despite being described by Home Office minister James Brokenshire as “not perfect”.

The directive softens the borders between European Union member countries’ law enforcement domains by requiring each of them to establish a central cyber-security operation which can be contacted by other states. Such contacts will have to be responded to within eight hours under the ruling.

Within each country, the development and sale of applications designed to aid cyber-crime will be a criminal offence. There will also be a minimum sentence of five years in prison for individuals found to be members of a criminal gang.

The new laws would also guard against a European WikiLeaks scandal by making it an offence to intercept confidential data. How this will be interpreted is not yet clear because it does not explain if the initial hacker would be solely responsible or whether anyone receiving the information would also be liable to prosecution – in the way that receiving stolen goods is considered a crime.

The use of botnets would also cause a few legal headaches. Deliberately joining a DDoS offensive, such as the Anonymous Operation’s army of volunteers, would be illegal but the thousands who are unwittingly part of a botnet could also be considered guilty.

“Online attacks can have a significant real world impact,” Brokenshire said, “so great that the national security strategy placed the threat as one of the top tier of threats to our national security.”